DETAILED ACTION

Claims 1-43 have been considered. After careful review, Examiner maintains the rejections 
presented in the previous action. 



Continued Examination Under 37 CFR 1.114

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 
1.17(e), was filed in this application after final rejection. Since this application is eligible for continued 
examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the 
finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's 
submission filed on 5/12/06 has been entered.



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention.

Claim 38 is rejected under 35 U.S.C. 112, second paragraph. Claim 38 recites the limitation "said 
largest sequence number yet seen". There is insufficient antecedent basis for this limitation in the claim. 



Claim Rejections - 35 USC §102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for 
the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or
in public use or on sale in this country, more than one year prior to the date of application for
patent in the United States.

Claims 1-43 are rejected under 35 U.S.C. 102(b) as being anticipated by Hughes
(Hughes, J. "Combined DES-CBC, HMAC and Replay Prevention Security Transform". IPsec Working
Group. June 1996).

As per claims 1,10,19,28, and 36, the applicant describes a method of processing messages
comprising the following limitations which are met by Hughes:

a) determining a largest nonce value yet seen from a plurality of nonce values of out-of-order 
messages (pages 3-4 and 10-11); 

b) comparing a nonce value of a received message with said largest nonce value yet seen (pages
3-4 and 10-11);

c) comparing said nonce value to an acceptance window in response to said nonce value not 
exceeding said largest nonce value yet seen (pages 3-4 and 10-11); 

d) adjusting said acceptance window based on said largest nonce value yet seen (pages 3-4 and
10-11);

e) rejecting said received message in response to said nonce value falling outside said
acceptance window (pages 3-4 and 10-11);

Hughes discloses the idea of a sliding acceptance window to allow a receiver to accept out-of-order
nonce values while preventing replay attacks (pages 3-4). Appendix A (pages 10-11) illustrates the
procedure. 

As per claims 2-9,11-18,20-27,29-35, and 37-43, the applicant describes the method of claims
1,10,19,28, and 36, which are met by Hughes, with the following limitation which is also met by Hughes: 

Designating said nonce value as said largest nonce value yet seen in response to said nonce 
value exceeding said largest nonce value yet seen (pages 3-4 and 10-11). 

Claim Rejections - 35 USC §103

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness
rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious
at the time the invention was made to a person having ordinary skill in the art to which said
subject matter pertains. Patentability shall not be negatived by the manner in which the invention
was made.

Claims 1-43 are rejected under 35 U.S.C. 103(a) as being unpatentable over Schneier, U.S. 
Patent No. 5,970,143. 



As per claims 1,10, and 19, the applicant describes a method of processing messages 
comprising the following limitations which are met by Schneier:

a) determining a largest nonce value yet seen from a plurality of nonce values of out-of-order 
messages (Col 16, lines 9-16); 

b) comparing a nonce value of a received message with a largest nonce value yet seen (Col 16, 
lines 9-16); 

c) comparing said nonce value to an acceptance window in response to said nonce value not
exceeding said largest nonce value yet seen (Col 16, lines 17-32);

d) adjusting said acceptance window based on said largest nonce value yet seen (Col 16, lines
17-32);

e) rejecting said received message in response to said nonce value falling outside said
acceptance window (Col 16, lines 17-32);

Schneier discloses all the limitations of the above claim. However, Schneier discloses limitations 
a and b in one embodiment and limitations c,d, and e in a second embodiment. 

Combining the two embodiments would mean that a received nonce value is first checked against 
the stored largest nonce value yet seen to make sure the newly-received nonce is one larger. If the 
newly-received sequence number is one larger it can be accepted as fresh. If the newly-received
sequence number does not exceed the largest nonce value yet seen, it is then checked against an
acceptance window and rejected if it fails this test. It would have been obvious to one of ordinary skill in
the art at the time the invention was filed to combine the two embodiments because doing so allows old
messages to be allowed if they are valid. This makes the system more robust because it is now able to
allow valid out-of-order messages.

As per claim 28, the applicant describes a system for processing messages in a peer-to-peer 
configuration comprising the following limitations: 

a) a first peer configured to provide secure communication (14 of Fig 2); 
b) a second peer configured to provide said secure communication (12 of Fig 2);

c) a secure communication module configured to be executed by said first peer and second peer, 
wherein said secure communication module is configured to: 

i) determine a largest nonce value yet seen from a nonce value of a received message 
(Col 16, lines 9-16); 

ii) compare said nonce value to a filter in response to a nonce value of a received packet
not exceeding a largest nonce value yet seen (Col 16, lines 24-32);

iii) compare said nonce value to a replay mask (Col 16, lines 24-32); 

iv) accept said received packet in response to said comparison of said nonce value and 
said replay mask being false (Col 16, lines 24-32). 


As per claim 36, the applicant describes an interceptor device for processing messages 
comprising the following limitations: 

a) a network interface (20 of Fig 2; Col 11, lines 56-58); 

b) an expected sequence register configured to enumerate an expected sequence number of a 
packet received from a second network device (Col 16, lines 9-16);

c) a memory configured to store a replay mask (Col 16, lines 24-32); 

d) a controller, wherein said controller is configured to: 

i) determine a largest nonce value yet seen from a nonce value of a received message
(Col 16, lines 9-16); 

ii) compare said nonce value to a filter in response to a sequence number of a received 
packet via said network interface does not exceed a largest sequence number yet seen retrieved 

from said expected sequence register (Col 16, lines 24-32);

iii) compare said sequence number to said replay mask retrieved from said memory (Col
16, lines 24-32);

iv) accept said received packet in response to said comparison of said sequence number
and said replay mask is false (Col 16, lines 24-32);

As per claims 2,3,11,13,20,21,29, and 37, the applicant discloses the method of claims 
1,10,19,28, and 36, which are met by Schneier (see above), further comprising the following limitation 
which is also met by Schneier: 

Designating said nonce value as said largest nonce value yet seen in response to said nonce 
value exceeding said largest nonce value yet seen (Col 16, lines 9-16);

As disclosed by Schneier, "The central computer stores the most recent sequence number in 
memory" (Col 16, lines 13-14). 

As per claims 4,12,22,30, and 38, the applicant discloses the method of claims 1,10,19,28, and 
36, which are met by Schneier (see above), further comprising the following limitation which is also met
by Schneier: 

Adjusting an acceptance window based on said nonce value exceeding said largest nonce value 
yet seen (Col 16, lines 24-32). 

As per claims 5,7,14,16,23,25,32,34,40, and 42, the applicant describes the method of claim
1,6,10,16,19,24,28,33,36, and 41, which are met by Schneier (see above), with the following limitation
which is also met by Schneier:

Designating said received message as a replay attack (Col 16, lines 17-32);

As per claims 6,8,15,17,24,26,33, and 41, the applicant describes the method of claims
1,10,19,28, and 36, which are met by Schneier (see above), with the following limitation which is also met
by Schneier:

a) comparing said nonce value to a window mask value in response to said nonce value falling 
within said acceptance window (Col 16, lines 24-32); 

b) rejecting said received message in response to an outcome of said comparison of said nonce 
value to said window mask value being true (Col 16, lines 24-32); 


As per claims 9,18, and 27, the applicant describes the method of claims 8,17, and 26, which are 
met by Schneier (see above), with the following limitation which is also met by Schneier: 
Designating said nonce value as a nonce value seen (Col 16, lines 24-32); 
As disclosed by Schneier, "The central computer maintains a database of all random numbers 
received from the game computers" (Col 16, lines 26-27).

As per claims 31 and 39, the applicant describes the system according to claims 28 and 36, 
which are met by Schneier (see above), with the following limitation which is also met by Schneier: 

Wherein said secure communication module is further configured to reject said received packet in 
response to said nonce value falling outside said filter (Col 16, lines 17-32);

As per claims 35 and 43, the applicant describes the system according to claims 28 and 36,
which are met by Schneier (see above), with the following limitation which is also met by Schneier:

Wherein said secure communication module is further configured to reject said received packet in
response to said nonce value fails to fall within said filter and said secure communication module is
further configured to designate said received packet as part of a replay attack (Col 16, lines 17-32).

Response to Arguments

Applicant's arguments, see Remarks filed 5/12/06, with respect to the 102(b) rejection of claim 1 
under Hughes have been fully considered but they are not persuasive. Applicant presents the following 
argument: 

1) Hughes fails to meet part d

Examiner respectfully disagrees with the above. More specifically, Applicant submits that Hughes
discloses a sliding window but that the size is an implementation detail. Applicant concludes that Hughes
fails to disclose "how to determine the size of a sliding window" (Remarks page 2 lines 1-2) and as such
fails to meet part d.

To what extent the above statements are true, they are outside the scope of the claim language. 
The claim language calls for "adjusting said acceptance window based on said largest nonce value yet 
seen" (claim 1, part d). Nowhere within the claim language is it required that the size of the acceptance 
window is changed. Further, Hughes teaches the use of a "sliding window" in which the
acceptance window is adjusted, or slides, according to a largest nonce value yet seen. For example,
using the "ReplayWindowSize" of 32 in Appendix A, an acceptance window is such that nonce values
within 32 of the largest nonce value yet seen are accepted and nonce values 32 or greater from the
largest nonce value yet seen are discarded as too old (line 11 of Appendix A).
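
The sliding acceptance window described above can be sketched as follows. This is an added illustration, not the code of Hughes' Appendix A and not the applicant's claimed method; the names `replay_state`, `check_nonce` and the verdict values are hypothetical, the arrival sequence is constructed, and only the window size of 32 is taken from the text.

```c
#include <stdint.h>
#include <stdio.h>

#define REPLAY_WINDOW_SIZE 32u /* window size quoted in the text above */

enum verdict { ACCEPT_NEW_LARGEST, ACCEPT_IN_WINDOW, REJECT_TOO_OLD, REJECT_REPLAY };

/* Hypothetical receiver state; zero-initialised means nothing seen yet. */
struct replay_state {
    uint32_t largest; /* largest nonce value yet seen */
    uint32_t mask;    /* bit i set: nonce (largest - i) was already accepted */
};

/* Counter wraparound is not handled in this sketch. */
enum verdict check_nonce(struct replay_state *st, uint32_t nonce)
{
    if (nonce > st->largest) {
        uint32_t ahead = nonce - st->largest;
        /* Slide the window forward. A shift by 32 or more is undefined
           in C, so a jump past the whole window clears the mask. */
        st->mask = (ahead < REPLAY_WINDOW_SIZE) ? (st->mask << ahead) : 0;
        st->mask |= 1u;
        st->largest = nonce;
        return ACCEPT_NEW_LARGEST;
    }
    uint32_t behind = st->largest - nonce;
    if (behind >= REPLAY_WINDOW_SIZE)
        return REJECT_TOO_OLD;          /* fell off the back of the window */
    if (st->mask & ((uint32_t)1 << behind))
        return REJECT_REPLAY;           /* inside the window but seen before */
    st->mask |= (uint32_t)1 << behind;  /* record the late arrival */
    return ACCEPT_IN_WINDOW;
}

int main(void)
{
    /* Constructed arrival order: out-of-order, replayed and stale nonces. */
    static const uint32_t arrivals[] = { 1, 3, 2, 3, 40, 9, 8, 9 };
    static const char *names[] = { "accept (new largest)", "accept (in window)",
                                   "reject (too old)", "reject (replay)" };
    struct replay_state st = { 0, 0 };
    for (size_t i = 0; i < sizeof arrivals / sizeof arrivals[0]; i++)
        printf("nonce %2u -> %s\n", (unsigned)arrivals[i],
               names[check_nonce(&st, arrivals[i])]);
    return 0;
}
```

With the largest nonce at 40, nonce 9 (31 behind) is still inside the window while nonce 8 (32 behind) is discarded as too old, matching the boundary the examiner describes.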



Applicant's arguments with respect to the 103(a) rejection of claim 1 under Schneier have been
fully considered but they are not persuasive. Applicant presents the following argument:

1) Schneier fails to meet part d



Examiner respectfully disagrees with the above. The combination of Schneier teaches that a
nonce value is compared with a largest nonce value yet seen. If the nonce value does not exceed the
largest nonce value yet seen, it is compared with an acceptance window. More specifically, the nonce
value is compared to a log of nonce values which have been received within a prescribed amount of time.
If the nonce value hasn't already been received, it is accepted as fresh (Col 16, lines 27-30) and the
nonce value is logged as a nonce value which has already been received. Hence the acceptance window
is adjusted. Further, the adjustment is based on a largest nonce value yet seen as a comparison of a
received nonce value with a largest nonce value yet seen triggers a comparison/potential adjustment of
the acceptance window.



Conclusion

This action is made non-final. Any inquiry concerning this communication or earlier
communications from the examiner should be directed to Kevin Schubert whose telephone number is
(571) 272-4239. The examiner can normally be reached on M-F 7:30-6:00.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor,
Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the organization where
this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application
Information Retrieval (PAIR) system. Status information for published applications may be obtained from
either Private PAIR or Public PAIR. Status information for unpublished applications is available through
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC)
at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative
or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.